package com.dish.action;

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.dish.bean.MyUsers;
import com.dish.biz.UserService;
import com.dish.dao.UserDAO;
import com.dish.utils.DAOFactory;
import com.dish.utils.JDBCUtils;

/**
 * Servlet implementation class LoginControlAdmin
 */
@WebServlet("/loginControlAdmin")
public class LoginControlAdmin extends HttpServlet {
	private static final long serialVersionUID = 1L;
       
    /**
     * @see HttpServlet#HttpServlet()
     */
    public LoginControlAdmin() {
        super();
        // TODO Auto-generated constructor stub
    }
    private void loginCheck(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException, SQLException {
		// step 1 获取用户提交的用户名和口令
    	
		UserDAO userdao = (UserDAO) DAOFactory.newInstance("UserDAO");
		
		String username = request.getParameter("loginName");
		String password = request.getParameter("loginPass");
		MyUsers loginuser = new MyUsers();
		//SafetyControl sc = new SafetyControl();
		loginuser.setUsername(username);
		loginuser.setPassword(password);
		//loginuser.setPassword(sc.MD5(password));
		// step 2 数据库验证用户
		UserService userserv = new UserService();
		RequestDispatcher rd = null;
		if (userserv.validateUser(loginuser)&&getData(username)) {
			ArrayList<MyUsers> lst;
			// 验证通过 ，跳转到show.jsp
			HttpSession session = request.getSession(true);
			rd = request.getRequestDispatcher("/ShowUsers");
			rd.forward(request, response);
		} else {
			response.sendRedirect("loginadmin.jsp");

		}
	}
    private boolean getData(String fuck) throws SQLException
	{
		ArrayList<MyUsers> lst = new ArrayList<MyUsers>();
		Connection conn = null;
		PreparedStatement ps =null;
		ResultSet rs = null;
		try {
			conn = JDBCUtils.getConnection();
			ps = conn.prepareStatement("select * from users");
			rs = ps.executeQuery();
			while(rs != null && rs.next()) {
				MyUsers usr = new MyUsers();
				usr.setUserid(rs.getInt("userid"));
				usr.setUsername(rs.getString("username"));
				usr.setCreatedate(rs.getTimestamp("createdate"));
				if(rs.getString("isadmin").equals("YES")&&usr.getUsername().equals(fuck)) {
					return true;
				}

				
				lst.add(usr);
			}
			return false;
		}catch(RuntimeException e) {
			e.printStackTrace();
			return false;
		}finally {
			JDBCUtils.free(rs, ps, conn);
		}
	}
	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		try {
			loginCheck(request, response);
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		doGet(request, response);
	}

}
